Saturday, March 22, 2014

Mozilla fixes Firefox flaws exploited at HP's Pwn2own

Mozilla on Tuesday patched five vulnerabilities exploited by researchers last week at the Pwn2Own hacking contest, where they were awarded $200,000 for their collective efforts. Firefox 28 was primarily a security update, patching the five Pwn2Own flaws and 15 others. At the hacking challenge, co-sponsored by HP TippingPoint's Zero Day Initiative (ZDI) bug bounty program and Google, Firefox fell to four teams or individuals, twice the number of hacks as any other browser. Each successful exploit earned the researcher(s) $50,000, the lowest award for any of the browsers: Apple's Safari, Google's Chrome, Microsoft's Internet Explorer and Firefox. Google patched the Chrome vulnerabilities last Friday, the day after Pwn2Own ended. <more>